02) INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(19) World InteDectual Property 
Organization 
International Bureau 




iniiiiiHiiiiiiiiiinniiiiiiiniiiiiiiHiiiiii 



(43) International Publication Date (10) International Publication Number 

12 February 2004 (12.02.2004) PCT WO 2004/013749 Al 



(51) International Patent Clasafication'': 

H04L 9/00 

(21) International Application Number: 



G06F3/12. 



PCT/JP2003/010016 

(22) International Filing Date: 6 August 2003 (06.08.2003) 

(25) Filing Language: English 

(26) Publication Language: English 



(30) Priority Data: 

2002- 228950 

2003- 280375 



6 August 2002 (06.08.2002) JP 
25 July 2003 (25.07.2003) JP 



(71) Applicant (for all designated States except US)i CANON 
KABUSHIKI KAISHA [JP/JP]; 3-30-2. Shimomaruko, 
Ohta-ku, Tokyo 146-8501 (JP). 

(72) Inventor; and 

(75) Inventor/Applicant (for US only)i MINA6AWA, 
Tomonori [JP/JP]; c/o CANON KABUSHIKI KAISHA. 
3-30-2, Shimomaruko, Ohta-ku, Tokyo 146-8501 (JP). 



(74) Agents: OKABE, Masao et al.; No. 602, Fuji Bldg., 2-3, 
Marunouchi 3-chome, Chiyoda-ku, Tokyo 100-0005 (JP). 

(81) Designated States (national): AE, AG, AL, AM, AT, AU, 
AZ, BA, BB, BG, BR, BY, BZ, CA, CH, CN, CO, CR, CU, 
CZ, DE, DK, DM, DZ, EC, EE, ES, H, GB, GD, GE, GH, 
GM, HR, HU, ID, IL, IN, IS, KE, KG, KP, KR, KZ, LC, 
LK, LR, LS, LT. LU. LV, MA, MD. MG, MK, MN, MW, 
MX. MZ, Nl, NO, NZ. OM, PG, PH. PL. PT. RO, RU. SC. 
SD, SE, SG, SK, SL, SY, TJ, TM, TN, TR, TT, TZ, UA, 
UG. US, UZ, VC, VN, YU, ZA, ZM, ZW. 

(84) Designated States (regional): ARIPO patent (GH, GM. 
KE, LS, MW, MZ, SD, SL, SZ, TZ, UG, ZM, ZW), 
Eurasian patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), 
European patent (AT, BE, BG, CH, CY, CZ, DE, DK, EE, 
ES, H, FR, GB, GR, HU, IE, IT, LU, MC, NL, PT. RO, 
SE, SI, SK, TR), OAPI patent (BF, BJ, CF, CG, CI, CM. 
GA, GN, GQ, GW, ML, MR. NE. SN. TD, TG), 

Published: 

— with international search report 

For two-letter codes and other abbreviations, refer to the "Guid- 
ance Notes on Codes and Abbreviations" appearing at the begin- 
ning of each regular issue of the PCT Gazette, 



(54) Tltic: PRINT DATA COMMTTNIP ATTON WITH DATA ENCRYPTION AND DECRYPTION 



i 
\ 



NETWORK 
PRINTER 



1500a. 



OS 



V 



□ 



^3000 



HOST CX)MPUTER 



1500b 




i 



INTERNET 
PRINTER 



T 

100 



LAN 



(57) A bstract^ A printing job containing printing data is transmitted to a specified image forming apparatus through a conmiunica- 

tions inediumso that the printing data can be printed by the specified image forming apparatus. The printing data is encrypted in an 

encrypting method specified for printing the printing job, the information about the destination for the image forming apparatus is 
obtained, and the information about the destination obtained by the obtaining means is decrypted by the disclosed method, apparatus, 
and mediimL 
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DESCRIPTION 

PRINT DATA COMMUNICATION WITH DATA ENCRYPTION AND 

DECRYPTION 

5 

TECHNICAL FIELD 

The present invention relates to a print 
control apparatus, an image forming apparatus, an 
image forming apparatus management* sexver, a print 
10 processing system, a print control method, a computer 
program, and a computer-readable recoxding medium, 
and is more specifically suitable for printing data 
via a communications medixom such as the Internet and 
a network, etc. 

15 

backgr;ound art 

Methods of acquiring and printing data on a 
printer (an example of an image form±ng apparatus) 
from a host computer includes: a stand-alone 

20 connection methods in which the host computer and the 
printer are directly connected with each other 
through a cable; and a network connection method in 
which the host computer and the printer are connected 
with each other through a network so that the network 

25 connection allows the use of the remote printer. 

Among these methods, the network printing for 
printing data through a network using the above- 
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mentioned network connection has an advantage of 
printing on another printer connected to a netwoirk 
(Internet) • The network printing also has an 
advantage of allowing a plurality of terminal devices 
5 to share large high-speed printers and expensive 

color printers, and that of printing data on a remote 
printer as described above. These advantages promote 
the use of network printing explosively. 

10 DESCLOSURE OF THE INVENTION 

However, networks and the Internet are used, by 
an unlimited number of users, and it is not so 
difficult for a third party to tap the printing data 
travelling through the networks and Internet when the 

15 third party intends to. 

For example, when important data such as 
securities or confidential data is printed on a 
printer in a client site connected to the Internet, 
or a salesman prints such data using a printer near a 

20 visiting site, it is undesired that the printing data 
can be tapped, falsified before reaching the printer, 
or printed on a wrong printer other than the printer 
specified by the printer driver. 

However, in the conventional technology, there 

25 has been the problem that printing data can be tapped 
and used by a third party when data can be printed 
through a communications mediiam such as a network:. 
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Internet^ etc. 

The present invention has been developed to 
solve the above-mentioned problems. As a first 
aspect of the present invention, even if printing 
5 data is tapped when it is printed through a 

communications medium such as a network^ Internet, 
etc . , the tapped data can be protected from being 
used by a third party. Furthermore, as a second 
aspect of the present invention, even if printing 

10 data is tapped and falsified when it is printed 

through a communications medium such as a network, 
Internet, etc., the tapping or the falsification can 
be detected to protect data against illegal printing. 
Additionally, as a third aspect of the present 

15 invention, when a port, a URL, or other information 
that are suitable examples of destination of a 
printer is obtained from a printer management server 
through a network and Internet, the information about 
the print destination data is protected against 

20 tapping. 

Other features and advantageous of the present 
invention will be apparent from the following 
description taken in conjunction with the 
accompanying drawings, in which like reference 

25 characters designate the same or similar parts 
throughout there of. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 shows the concept of the first 
embodiment of the present invention in reference to 
an example of the configuration of the print 
5 processing system^ 

FIG. 2 is a block diagram of the first 
embodiment of the present invention in reference to 
an example of the configuration of the print 
processing system.; 
10 FIGS. 3A and. 3B show the first embodiment using 

a memory map of RAM; 

FIG. 4 shows the first embodiment of the 
present invention by explaining an encryption key 
used in the print processing system; 
15 FIG. 5 shows the first embodiment of the 

present invention in reference to a flowchart of the 
process of the printer driver; 

FIG. 6 shows the first embodiment of the 
present invention in reference to a flowchart of the 
20 process of the printer; 

FIG. 7 shows the second embodiment of the 
present invention in reference to a flowchart of the 
process of the printer driver; 

FIG. 8 shows the second embodiment of the 
25 present invention in reference to a flowchart of the 
process of the printer; 

FIG. 9 shows the third embodiment of the 
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present invention in reference to a flowchart of the 
process of the printer driver; 

FIG. 10 shows the third eiobodiment of the 
present invention in reference to a flowchart of the 
5 process of the printer; 

FIG. 11 shows the concept of the fourth 
embodiment of the present invention in reference to 
an example of the configuration of the print 
processing system; 
10 FIG. 12 is a block diagram of the fourth 

embodiment of the present invention in reference to 
an example of the configuration of the print 
processing system; 

FIGS. 13A^ 13B and 13C show the fourth 
15 embodiment using a memory map of RAM; 

FIG. 14 shows the fourth embodiment of the 
present invention by explaining an encryption key 
used in the print processing system; 

FIG. 15 shows the fourth embodiment of the 
20 present invention in reference to a flowchart of the 
process of the printer management server; 

FIG. 16 shows the fourth ertODodiment of the 
present invention in reference to a flowchart of the 
process of the printer driver; 
25 FIG. 17 shows the fourth embodiment of the 

present invention in reference to a flowchart of the 
process of the printer; 
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FIG. 18 shows the fifth embodiment of the 
present invention in reference to a flowchart of the 
process of the printer management server; 

FIG. 19 shows the fifth embodiment of the 
5 present invention in reference to a flowchart of the 
process of the printer driver; 

FIG. 20 shows the sixth embodiment of the 
present invention in reference to a flowchart of the 
process of the printer driver; 
10 FIG. 21 shows the sixth embodiment of the 

present invention in reference to a flowchart of the 
process of the printer management server; 

FIG. 22 shows the sixth embodiment of the 
present invention in reference to a flowchart of the 
15 process of the printer; and 

FIG. 23 shows an embodiment of the present 
invention in reference to the encrypting process on 
the information about a destination. 

20 BEST MODE FOR CARRYING OUT THE INVENTION 
. (First Embodiment) 

The first embodiments of the print control 
apparatus^ the printer, the printer management server 
the print processing system, ttie print control method 
25 the computer program, and the computer-readable 

recording mediiom according to the present invention 
are described below by referring to the attached 
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drawings • 

FIG. 1 shows the concept of the first 
embodiment of the present invention in reference to 
an example of the configiaration of the print 
5 processing system. 

In the embodiments of the present invention^ 
the user operates a print instruction from a host 
computer 3000 mounted as a print control apparatus, 
and considers a case in which dat;a is printed on a 
10 network printer 1500a shared over a network (LAN) 100 
and an Internet printer 1500b connected through 
Internet 200. In addition to the printers, an 
example of an image form±ng apparatus can be a 
scanner, a facsimile, a digital camera, and a 
15 composite machine (multifunction peripheral device) 
provided with the functions of a copy machine, a 
printer, a facsimile, a scanner, etc. 

FIG. 2 is a block diagram of the first 
embodiment of the present invention in reference to 
20 an example of the configiaration of the print 
processing system. 

Unless otherwise specified, the host computer 
3000 is connected to a printer 1500 (network printer 
1500a and Internet printer 1500b) through a LAN, a 
25 WAN, a public circuit, the Internet, and any othdr 
means (communications medium) 

In FIG. 2, the host computer 3000 includes a 
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CPU 1 for processing a document containing graphics, 
images, characters, tables (including spreadsheets, 
etc . ) , etc . in a mixed manner according to the 
document processing program, etc. stored in program 
5 ROM of ROM 3 or in external memory 11, and centrally 
controls each of the devices 2 to 8 connected to a 
system bus 4 . 

Program ROM 3b of the ROM 3 or the external 
memory 11 also stores an operating system program 

10 (OS), etc. which is the control program of the CPU 1. 
Font ROM 3a of the ROM 3 or the external memory 11 
stores font data, etc. for use in the above-mentioned 
docioment processing. Additionally, data ROM 3c of 
the ROM 3 or the external memory 11 stores various 

15 data for use in performing the above-mentioned 
document processing. 

RAM 2 functions as main memory, a work area, 
etc. of the CPU 1. 

A keyboard controller (KBC) 5 controls the key 
20 input from a keyboard 9 or a pointing device not 
shown in the attached drawings. 

A CRT controller (CRTC) 6 controls th.e display 
of a CRT display (CRT) 10. 

A disk controller (DKC) 7 controls thie access 
25 to the hard disk (HD) and the external memory 11 such 
as a flexible disk (FD) , etc. storing a boot program, 
various applications, font data, a user file, an 
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editing file, a printer control command generation 
program (hereinafter referred to as a printer driver) , 
etc. 

A printer controller (PRTC) 8 is connected to 
5 the printer 1500 through the network 100, and 

performs a controlling process on the bidirectional 
communications with the printer 1500. The printer 
controller 8 can add a command depending on a 
connection protocol to a printing job when the 

lO printing job is ' transmitted to the printer 1500. The 
command can also be automatically added by the 
operating system program (OS) . 

The CPU 1 performs the rasterization on the 
outline font in the display information RAM set in 

15 the RAM 2, and enables WYSIWYG on the CRT 10. 

The CPU 1 opens various windows recorded 
according to the command indicated by the mouse 
cursor, etc. not shown in the attached drawings on 
the CRT 10, and performs various types of data 

20 processing. Before performing print processing, the 
user opens the window for print settings. Then, the 
user sets a printing process for a printer driver 
including setting a printer, selecting a printing 
mode, etc. using the opened window. 

25 In the printer 1500, a printer CPU 12 has the 

function of outputting an image signal as output 
information to a printing unit 17 (printer engine) 
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throughi a printing unit interface (printing unit I/F) 
16 connected to a system bus 15 according to the 
control program, etc. stored in the program ROM of 
ROM 14 or the control program, etc. stored in 
5 external memory 21. 

Program ROM 14b of the ROM 14 stores a contrrol 
program, etc. of the printer CPU 12. Font ROM 14a. of 
the ROM 14 stores font data, etc. for use in 
generating the output information. Data ROM 14c of 

10 the ROM 14 stores the information, etc. for use by 
the host computer 3000 on a printer having no 
external memory 21 such as a hard disk, etc. 

The printer CPU 12 can communicate with the 
host computer 3000 through an input unit 18, and can 

15 notify the host computer 3000 of the information,, etc. 
in the printer 1500. 

The data received from the printer driver is 
stored in RAM 13, and converted into an image signal 
by the control program. A command added depending on 

20 the communications protocol is interpreted also by 
the control program. 

Tlie RAM 13 is a recording medium functioning as 
the mai-n memory, a work area, etc. of the printer CPU 
12, and. is configured such that its memory capacity 

25 can be extended by the optional RAM connected to the 
extension port not shown in the attached drawings . 
The RAM 13 is used as an output information expansion 
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area, environment data storage area, NVRAM (non- 
volatile RAM), etc. 

The above-mentioned hard disk (HD) and external 
memory 21 such as an IC card, etc. are access- 
5 controlled by a memory controller (MC) 20. The 

external xaemory 21 is connected as an optional unit, 
and stores font data, an emulation program, form data, 
etc. 

An operation panel 22 is provided with switches 

10 for operations,' an LED indicator, a liquid crystal 
panel, etc. Additionally, the above-mentioned 
external memory 21 is not limited to one unit, but 
can include at least one or more memory units. The 
memory can also be configured to be provided with, in 

15 addition to built-in fonts, an optional font card, 
and a pliarality of external memory units storing a 
program for interpretation of printer control 
languages of different types. Furthermore, the 
memory can include NVRAM not shown in the attached 

20 drawings to store printer mode setting information 
from the operation panel 22. 

FIG. 3A is a memory map showing the control 
program which is stored in the program ROM 3b of the 
host compxiter 3000 according to the. embodiment of the. 

25 present invention, and becomes executable after it is 
loaded to the RAM 2 of the host computer 3000. 
The encryption, a data feature amount 
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computation function,* etc, for use in the host 
computer 30 00 according to the embodiment of the 
present invention are resident as a part of a program 
304 related to a printing process. A public key of a 
5 printer designated for printing and a private key of 
a printer driver itself are resident as a part of a 
related data 303. 

FIG, 13B is a memory map showing the control 
program which is stored in the program ROM 14b of the 
10 printer 1500 according to the embodiment of the 

present invention, and becomes executable after it is 
loaded to the RAM 13 of the printer 1500. 

The decryption/ a data feature amount 
computation function, etc. for use in the printer 
15 1500 according to the embodiment of the present 

invention are resident as a part of a program 313 
related to a printing process. A public key of a 
specific printer driver and a private key of a 
printer itself are resident as a part of a related 
20 data 312. 

FIG. 4 shows the encryption key for use in the 
print processing system (refer to the flowcharts 
shown in and after FIG. 5) according to the 
embodiment of the present invention. In the 
25 embodiment, the encryption is realized by the public 
key cryptosystem and the conventional encryption 
system, and each information equipment has its own 
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public key and private key. Therefore , FIG. 4 
clearly shows the respective keys. 

In FIG. 4, the picture showing the key 
overriding the data indicates that the data is 
5 encrypted by the corresponding key. 

In the print processing system according to the 
embodiment of the present invention^ the printing 
process cannot be performed on any printers other 
than the specified printer by transmitting printing 
10 data encrypted in the public key cryptosystem. 

The public key cryptosystem is a method in 
which the encryption and the decryption are realized' 
using different keys (private key and public key) 
between a user and the user's communication partner^ 
15 and data encrypted using one key cannot be decrypted 
without using the other key. 

In the public key cryptosystem^ the public key 
is normally published^ and the private key is kept in 
secret. In the public key cryptosystem, it is not 
20 necessary to prepare a specific key for each 

communication partner, and a public key can be 
published. Therefore, a key can be easily 
transmitted to a communication partner with a person 
who can decrypt the key limited to the user. 
25 If the public key cryptosystem is applied to, 

for example, the printer 1500 according to the 
present embodiment, and the printing data is 
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encrypted using the published public key of the 
printer^ then the data can be printed only on the 
destination printer with the printing data 
transmitted from any printer driver, thereby 
5 disabling the other printers to print the data* 

The process of a printer driver generating an 
encrypted printing job is described below in detail 
by referring to the process flow shown in FIG. 5. 
Upon receipt of a print request from an 
10 application, the printer driver of the host computer 
3000 encrypts the printing data using the public key 
of the destination printer 1500 (step S501) • 

Then, the encrypted printing data is 
transmitted as a printing job to the printer 1500. 
15 The public key of the printer 15 00 is published, 

and the printer driver selects the public key of the 
destination printer 1500 for use. 

The process of the printer 1500 obtaining 
printing data from the received printing job is 
20 described below in detail by referring to the process 
flow shown in FIG. 6. 

The printer 1500 decrypts the printing data in 
the received printing job using the private key of 
the printer 1500 (step S601) , and obtains the 
25 printing data. 

As described above , the private key of the 
printer 1500 is held by the printer 1500 as an 
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10 



unpublished key. 

When an unspecified printer tries to print the 
printing data, the printing data- is encrypted, and 
cannot be decrypted or printed as is. Furthermore, 
since only the specified printer 1500 has the key to 
decrypt the encrypted data, the other printers cannot 
decrypt the data. Therefore, in the print processing 
system according to the embodiment of the present 
invention, although printing data is tapped on the 
network 100, the printing data can be protected 
against printing on the other printers.' 
(Second Embodiment) 

The second embodiments of the print control 
apparatus, the printer, the printer management server 
15 the print processing system, the print control method 
the computer program, and the computer-readable 
recording medi\am according to the present invention 
are described below. The configuration of the 
hardware of the print processing system according to 
20 the present embodiment is similar to the 

configuration of the above-mentioned first embodiment 
Therefore, the same components as those in the first 
embodiment are assigned the same reference numerals 
shown in FIGS. 1 to 6, and the detailed explanation 
25 is omitted here. 

In the first embodiment, the print processing 
system can protect printing data against printing on 
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other printers even if the printing data is tapped. 

However, since the public key of the printer: 
1500 is published, the printer 1500 cannot deteriaxne 
whether or not printing data has been falsified when 
5 anybody hooks the original printing data and 

transmits different data to the printer 1500 throiagh 
the same steps as the process shown in FIG. 5. Thtis 
may cause a serious problem when the printing data, if 
an estimate, securities, etc. 
10 Therefore,, in the printing process according to 

the present embodiment, the presence/absence of ttie 
falsification can be checked by a printer by 
receiving a printing job with a digital signature 
added to printing data. 
15 A digital signature is obtained by encrypting 

the computed feature amount of the contents of 
printing data using a private key of a printer driver 
of the host computer 3000. The printer has a built- 
in public key of a specific printer driver, and uses 
20 it in decrypting and checking the digital signature. 
The feature amount of the contents of the 
printing data is represented by a hash value, a 
checksum, etc. A hash value is computed using a h.ash 
function which is hardly obtained from a computation 
25 result or is hardly falsified to obtain the same hash 
value . 

The process of a printer driver of a host 
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computer according to the present embodiment 
generating an encrypted printing job is described 
below in detail by referring to the process flow 
shown in FIG. 7. 
5 Upon receipt of printing data at a print- 

request from an application, the printer driver of 
the host computer encrypts the printing data using a 
public key of the destination printer (step S7 01) • 
Then, a feature amount is computed from the 
10 original non-encrypted printing data using a feature 
amount computation function (step S702) , and the 
feature amount is encrypted using a private key of 
the printer driver (step S703) . The result is used 
as a digital signature. Then, the host computer 
15 transmits a combination of the encrypted printing 

data and the digital signature as a printing j ob to 
the printer for printing the printing data. 

The process of a printer according to the 
present embodiment obtaining printing data from a 
20 received printing job is described below in detail by 
referring to the process flow shown in FIG. 8 • 

The printer decrypts the printing data in the 
received printing job using the private key of the 
printer (step S801) to obtain the printing data* 
25 Then, it decrypts the digital signature in the 
printing job using the public key of the source 
printer driver (step S802) to obtain the feature 
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amount of the obtained printing data. 

• Then, the printer computes the feature amount 
from the obtained printing data using a feature 
amount computation function (step S803) , compares the 
5 featxare amount with the feature amount of the 

rece±ved printing data (step SB 04), and confirms that 
the obtained printing data in step S801 is not 
.falsified if the feature amounts match each other. 

If the feature amount computed by the printer 
10 does not match the feature amount of the received 
printing data in the process in step S8 04, the 
following condition can be assTimed. 

That is, there can be a case in which printing 
data cannot be decrypted using the public key of a 
15 specific printer driver, and the source of the 

received printing data is different from the correct 
host computer, and a case in which the computed 
feature amount of the printing data is different from 
the feature amount of the received printing data, 
20 thereby indicating the falsification of - the printing 
data. In each case, the printing job has not been 
correctly transmitted. 

In the print processing system according to the 
present embodiment, illegal printing data can be 
25 detected by a printer. When the illegal printing 
data is detected, the illegal printing data is not 
output after the detection, and the host computer is 
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notified of the reception of the illegal printing 
data which is an effective countermeasure . 

In the present embodiment, the body of the 
printer has a feature amount computation function 
common to the printer driver. Furthermore, it is 
assumed that a public key of a specific printer 
driver {or host computer) has been recorded in 
advance in the body of the printer; 

The encryption key specific to a printer driver 
is not limited to a printer driver, but can be 
replaced with an encryption key specific to the host 
computer 3000 or the current user. 

For example, when the encryption key is 
specific to the host computer 3000, the host computer 
3000 can be used in the multi-user mode so that all 
user using the host computer 3000 can print the 
printing data on the printer 1500 on the same 
conditions . 

When an encryption key is specific to a user, 
the printing data can be printed on the same 
conditions by a desktop personal computer in a 
company and a notebook personal computer (PC) out in 
the field. 

Thus, only one public key can be recorded in 
the printer in any case in which an encryption key is 
specific to a printer driver, the host computer 3000, 
or a user. 
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(Third Ernbodiment ) 

The third embodiments of the print control 
apparatus, the printer, the printer management server, 
tine print processing system, the print control method, 
5 the computer program, and the computer-readable 

recording medium according to the present invention 
are described below. The configuration of the 
hardware of the print processing system according to 
the present embodiment is similar to the 

10 configurations of the above-mentioned first and 

second embodiments. Therefore, the same components 
as those in the first and second embodiments are 
assigned the same reference numerals shown in FIGS. 1 
to 8, and the detailed explanation is omitted here. 

15 In the above-mentioned first and second 

embodiments, printing data is protected against 
tapping or falsification of the tapped printing data 
so that the printer driver can be printed with the 
security of the printing data improved. 

20 However, since the encryption and decryption of 

the printing data in the above-mentioned public key 
cxryptosystem requires a long processing time, it is 
not desired to apply the method to printing data of a 
large size. 

25 Therefore, in the present embodiment, the 

conventional encryption system which is much higher 
in perf oantiance (requires much shorter processing 
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time) than the public key cryptosystem is described. 

The conventional encryption system refers to a 
method of encryption and decrypting data using the 
same key (secret key) between a user and its partner. 
5 Practically^ data is encrypted by replacing or 

shifting a bit string of a sentence with another bit 
string according to a rule represented by a secret 
key. 

The processing of the conventional encryption 

10 system is considered to be several hundred times 

faster than the complicated process of the public key 
cryptosystem having the feature that it is difficult 
to perform prime factorization when the value 
obtained by multiplying pr±me numbers^ or that it is 

15 difficult to estimate a value in an oval curve into 
which the value has been input. 

However, on the other hand, it is necessary to 
pass a secret key in a safe method to each partner, 
and to prepare a secret key specific to each partner. 

20 In the present embodiment, the public key 

cryptosystem is combined w±th the conventional 
encryption system to encrypt printing data using a 
secret key, and pass the secret key to a printer 
using a public key. 

25 The process of a printer driver generating an 

encrypted printing job is described below in detail 
by referring to the process flow shown in FIG. 9. 
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Upon receipt of the printing data at a print 
request from an application^ the printer driver of a 
host computer first generates a secret key {step 
S901) , and encrypts the received printing data using 
5 the generated secret key (step S901) . The generated 
secret key is encrypted using the public key of the 
printer (step S903) • 

Then^ the feature amount is computed from the 
original non-encrypted printing data using a feature 
10 amount computation function (step S904), and the 

feature amount is encrypted using the private key of 
the printer driver (step S905) . The result is a 
digital s ignatur e . 

Then^ the host computer transmits a combination 
15 of the printing data encrypted using the secret key, 
the secret key encrypted using the public key of the 
printer, and the digital signature as a printing job 
to the printer. 

The process of the printer obtaining printing 
20 data from a received printing job is described below 
in detail by referring to the process flow shown in 
FIG. 10. 

The printer decrypts the received secret key in 
the printing job using the private key of the printer 
25 (step SlOOl), and obtains the secret key in the 
printing j ob . 

Then, the printing data in the printing job is 
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decrypted using the obtained, (decrypted) secret key 
(step S1002)/ and the printing data is obtained. 

The digital signature of the printing job is 
decrypted using the public key of the source- printer 
5 driver (step S1003) , and the feature amount of the 
printing data is obtained. 

From the obtained printing data, the body of 
the printer computes the feature amount using a . 
feature amount computation function (step S1004) , the 
10 computed feature amount is compared with the received 
feature amount of the printing data (step S1005) . If 
the feature amounts match each other, it is confiinned 
that the obtained printing clata in step S1002 has not 
been falsified. 
15 Thus, according to the present embodiment, a 

time consuming public key cxryptosystem is only used 
in the encryption and decryption of a secret key, and 
it is not necessary to manage a secret key for each 
of a plurality of printers connected to the network 
20 and Internet. Furthermore, since the host computer 
can change the secret key each time communications 
are established, the printing data can be more safely 
transmitted to a printer. 
(Fourth Embodiment) 
25 The fourth embodiments of the print control 

apparatus, the printer, the printer management server, 
the print processing system, the print control method. 
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the computer program, and the computer-readlable 
recording medium according to the present invention 
axe described below. 

In the above-mentioned first to third 
5 embodiments of the present invention, the printing 
data can be protected against tapping hy encrypting 
the printing data by means capable of decrypting the 
data only by a specified printer, and the printing 
data can be protected against falsification by adding 
10 a digital signature (obtained by the source of the 
printing data encrypting the. feature amount of the 
printing data using its own private key, and the 
falsification of the data can be detected by 
confirming the contents by the decryption \asing the 
15 public key of the source) to the printing data. 

However, in the method described in the above- 
mentioned first to third embodiments, the h.ost 
computer (or the printer driver) has to be informed 
of the public keys of all printers which can be 
20 specified. Similarly, the public keys of all printer 
drivers have to be recorded in the body of the 
printer. 

Therefore, a large print processing system 
capable of using a plurality of host computers and 
25 printers requires laborious operations in recording 
and maintaining necessary information. 

In this situation, the present embodiment 
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maintains the system of safely transmitting printing 
data through the Internet and network using the print 
processing system described in the above-described 
first to third embodiments, the printer management 
5 server centrally manages the necessary ±nformation 
about the public keys of printers, etc. r and the 
printer driver obtains necessary infoimation from the 
printer management server, thereby eliminating the 
necessity to manage the information aboiat each 
ro printer. The print processing system with the above- 
mentioned configuration is described below. 

Thus, the configuration of the hairdware of the 
print processing system according to the present 
embodiment is designed by adding a printer management 
15 server to the print processing system described by 
referring to the first to third embodiments of the 
present invention. Therefore, the components also 
included in the first to third embodiments are 
assigned the same reference nximerals as in FIGS. 1 to 
20 3, and the detailed explanation is omitted here. 

FIG. 11 shows the concept of the fourth 
embodiment of the present invention in reference to 
an example of the configuration of the print 
processing system. 
25 It is assumed that a user operates a print 

instruction from the host computer 3000^ and the 
network printer 1500a shared on the network (LAN) 100 
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and the printer 1500b connected through the Internet 
20O perform printing processes. 

A printer management server 4000 (4000a, 4000b) 
manages the information (a setting position, an 
5 addxess, an encryption key, etc.) about possible 
printers, and the host computer 3000 obtains the 
information about necessary printer from the printer 
maneigement server 4000 during printing, and transmits 
printing data to the corresponding printer. 
10 The print processing system according to the 

present embodiment can also transmit printing data to 
the printers 4000a and 4000b through the printer 
management server 4000. The printer management 
server 4000 can be connected to network 100 or the 
15 Internet 200. 

FIG. 12 is a block diagram of the fourth 
embodiment of the present invention in reference to 
an example of the configuration of the print 
processing system. 
20 Unless otherwise specified, the host computer 

30O0 is connected to the printer 1500 through any LAN, 
WAN, public circuit, Internet, etc. 

In FIG. 12, the printer management server 4000 
comprises a CPU 31 for executing a control program 
25 stored in ROM 33 or an external memory not shown in 
the attached drawings^ and RAM 32 functioning as the 
main memory, a work area, etc, of the CPU 31, and the 
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CPU 31 centrally controls each of tine units 32 and 33 
connected to a system bus 35. 

A network interface cart (NIC) 34 performs a 
bidirectional coinmunications process with the printer 
5 driver and the printer 1500. 

FIG. 13A is a memory map showing the control 
program which is stored in the program ROM 3b of the 
host computer 3000 according to the embodiment of the 
present invention, and becomes executable after it is 
10 loaded to the RAM 2 of the host computer 3000. 

The encryption, a data feature amount 
computation function, etc. for use ±n the host 
computer 3000 according to the embodiment of the 
present invention are resident as a part of a program 
15 304 related to a printing process. 

A public key of the printer management server 
4000 and a private key of a printer driver itself are 
resident as a part of a related data 303. 

FIG. 13B is a memory map showing the control 
20 program which is stored in the program ROM 33 of the 
printer management server ^000 according to the 
embodiment of the present invention (or an external 
memory not shown in the attached drawings), and 
becomes executable after it is loaded to the RAM 32 
25 of the printer management server 4000. 

The encryption/decryption, a data feature 
amount computation function^ a printer retrieval 
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process, etc. for use in the printer management 
server 4000 according to the embodiment of the 
present invention are resident as a part of the 
program 313 related to a printing process. 
5 The printer information (a setting position and 

an address of each prrinter, a public key of each 
printer, etc.) managed by the printer manageitient 
server 4000 is resident as a part of the related data 
312. 

10 FIG. 13C is a memory map showing the control 

program which is stored in the program ROM 14b of the 
printer 1500 according to the embodiment of the 
present invention, and becomes executable after it is 
loaded to the RAM 13 of the printer 1500. 

15 The decryption,, a data feature amount 

computation function,, etc. for use in the printer 
1500 according to the embodiment of the present 
invention are resident as a part of a program 323 
related to a printing process. A public key of the 

20 printer management server 4000 and a private key of a 
printer driver itself are resident as a part of a 
related data 322. 

FIG. 14 shows the key for use in the print 
processing system (refer to the flowcharts shown in 

25 and after FIG. 15) according to the embodiment of the 
present invention. In the embodiment^ the encryption 
is realized by the p\ablic key cryptosystem^ and each 
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information equipment has its own public key and 
. private key. Therefore^ the respective keys are 
individually represented. 

In FIG. 14, the picture showing the key 
5 overriding the data indicates that the- data is 
encrypted by the corresponding key. 

In the print processing system according to the 
embodiment of the present invention, the printer 
driver obtains the information about the printer 1500 
10 from the printer management server 4000 in a safe 

method, and the printing data encrypted in the public 
key cryptosystem is transmitted to the printer 1500. 

The public key cryptosystem is a method in 
which the encryption and the decryption are realized 
15 using different keys (private key and public key) 

between a user and the laser's communication partner, 
and data encrypted using one key cannot be decrypted 
without using the other- key. 

In the public key cryptosystem, the public key 
20 is normally published, and the private key is kept in 
secret. In the public key cryptosystem, it is not 
necessary to prepare a specific key for each 
communication partner, and a public key can be 
published. Therefore, a key can be easily 
25 transmitted to a communication partner with a person 
who can decrypt the key limited to the user. 

If the public key cryptosystem is applied to. 
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for example^ the printer 1500 according to the 
present embodiment^ and the printing data is 
encrypted using the published public key of the 
printer, then the data can be printed only on the 
5 destination printer with the printing data 
transmitted from any printer driver, thereby 
disabling the othe^: printers to print the data, 

A digital signature is used as a method of a 
printer driver safely obtaining printer information 
10 from the printer management server 4000, 

A digital signature is obtained by encrypting a 
computation result of the feature amount of the 
contents of the data to be transmitted using a source 
private key. In this example, the printer 
15 information is encrypted using the private key of the 
printer management server 4000. 

The printer driver holds the public key of the 
printer management server 4000, decrypts the digital 
signature using the public key, and compares the 
20 decrypted digital signature with the feature amount 
computed from the separately transmitted printer 
information, thereby successfully confirming the 
identification of the source and the presence/absence 
of the falsification of the printing data (printing 
25 job) . 

The feature amount can be represented by a htash 
value, a checksum, etc. A hash value is computed 
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using a hash function which is hardly obtained from a 
computation result or is hardly falsified to obtain 
the same hash value. 

When a user performs a printing operation in an 
5 application^ the application passes the printing data 
to the printer driver, and performs a printing 
process. The prxnter driver determines the first 
printer for outpxitting data, and transmits printer 
information search request data to the printer 
10 management server 4000 to obtain the address and the 
key of the printer. 

The selection reference of the printer in the 
printer management server 4000 which receives the 
printer information search request data may be 
15 requested to: 

"print an estimate, etc. on the printer at hand 
(of, for example, the closest convenience store) when 
a user is out"; 

"print data, on the printer closest to the user 
20 when the user stays away from home or office"; 

"confidentially print data on the printer of a 
client, etc." 

To determine a printer on which data is to be 
printed, the user performs a printer selecting 
25 operation in advance or interactively. 

The process of the printer management server 
4000 retrieving printer infoonnaation and returning the 
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information to the printer driver is described below 
in detail. 

The printer management server 4000 selects an 
appropriate printer from the list of the printer 
5 information managed by the server depending on the 

contents (necessary capabilities of a printer such as 
the position, color/both sides/staple, etc. of the 
printer) of the printer information search request 
data received from tine printer driver, and retrieves 
10 the printer information about the corresponding 
printer (step S501) . 

It is assiimed that the above-mentioned printer 
information includes a printer address, the public 
key, etc. of a printer. 
15 When a printer communicates data with a host 

using a SOAP (simple object access protocol) 
implemented on the HTTP (hyper text transfer 
protocol), it is effective to encrypt a URL. 

FIG. 23 shows a.n embodiment of the present 
20 invention in reference to the encrypting process on 
the infoannation about a destination. In (1) in FIG. 
23, upon recognition of a print instruction from a 
user, a host computer 2301 uses the SOAP implemented 
on the HTTP and requests a printer 2305 to transmit 
25 as printer information the destination (a URL in this 
case) of the data of the printer together with the 
device ID and the function of the device. In (2) and 
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(3) in FIG. 23, the printer transmits the printer 
information including URL 2305 to the host computer 
2301 which tias transmitted the request to obtain the 
printer information. At this time, the URL is 
5 . encrypted using a public key 2302 of the host. 

Simultaneously or immediately after the encryption, a 
post method of the HTTP from an external unit to the 
URL of the transmitter is awaited. In (4), the host 
computer 23 Ol decrypts the URL using a its own 

10 private key 2303. Using the post method of the HTTP, 
the host computer 2301 inputs the data to be printed 
into the decrypted URL indicating a predetermined 
storage area, in the printer. The post method is 
prescribed ±n the HTTP, and is a procedure remotely 

15 called for ±nput of data to a predetermined storage 
area. Refer- to, for example, RFC 2616 which is a 
docToment issued from the IETF (Internet Engineering 
Task Force) . 

At this time, it is not safe if the URL is 

20 transmitted as raw data because the printer awaits an 
external post method in the above-mentioned step (2), 
and is externally vulnerable. That is, if the URL is 
transmitted as raw data, it is subject to an attack 
from an eviX cracker. When the evil cracker is 

25 informed of the URL, he or she can take cracking 

action such, as a write to a storage area of the URL 
in the printer using the obtained URL, or attempt 
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illegal access. Then, it is desired that a URL is 
transmitted after being encrypted in the printer 
using a public key obtained from the host computer. 
The host computer decrypts the URL in the host 
5 computer obtained from the printer using its own 
private key, and transmits the printing data using 
the URL in the post method of the HTTP. 

It is obvious that the URL is an example of a 
URI (unified resource identifier) . Described above 

10 is an URL as a preferable example, but it is also 
effective in enhancing the security of the 
identification information indicating a destination 
printer such as an IP address, the address of the 
identifier of the SMB prescribed by NETBEUI, that is, 

15 the informat±on about the destination and the 

information about the destination of image forming 
data, etc. 

In the printer search step in step S501, it is 
not always necessary to select one printer. That is, 

20 in the printer search step in step S501, an 

interactive process can be performed such that the 
printer management server 4000 can roughly select 
some printers depending on the conditions (contents 
of search recjuest data of the printer information) , 

25 once return the printer information about the roughly 
selected printers to the printer driver, and allow 
.the printer driver to finally select a desired 
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printer from among the roughly selected printers. 

Furtheirmore/ the printer management server 4 000 
can transmit the printer information about all 
printers managed by itself without rougtxly selecting 
5 the printers, and allow the printer driver to select 
a desired printer. 

Then, the printer management server 4000 
computes the feature amount using the feature amount 
computation function from the retrieved printer 
10 information (step. S502) , and encrypts the feature 
amount using the private key of the printer 
management server 4000 (step S503) . The result 
obtained in step S503 is a digital signature. 
Finally, the printer information and the digital 
15 signature are returned to the printer driver. 

The process of a printer driver transmitting an 
encrypted printing job to a printer is described 
below in detail by referring to the process flow 
shown in FIG. 16. 
20 Using the public key of. the printer management 

server 4000, the printer driver decrypts a digital 
signature contained in the digital signature and the 
printer information returned from the pxinter 
management server 4000, and obtains the feature 
25 amount (step S601) • The printer driver is assumed to 
hold the public key of the printer management- server 
4000. . 
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Next, the printer driver computes the feature 
amount from the obtained printer infoxrination using 
the feature amount computation function (step S602)^ 
compares it with the received feature amount (step 
5 S603) r and confiannas that the printer information has 
been transmitted from the desired printer management 
server 4000 and the printing data has not been 
falsified if the feature amounts match, each other as 
a result of the comparison. 
10 Then, the printer driver retrieves a public key 

contained in the printer information (step 8604), and 
encrypts the printing data transmitted from the 
application using the retrieved public key (step 
S605) • Finally, the encrypted printing data is 
15 transmitted as a printing job to the printer 1500, 
The process of the printer obtaining printing 
data from a printing job is described below in detail 
by referring to the process flow shown in FIG. 17. 

The printer 1500 decrypts the printing data in 
2 0 the received printing job using the private key of 
the printer 1500 (step S701), and obtains the 
printing data. 

In each step shown in FIGS. 16 and 17, a 
printing job can be transmitted from the printer 
25 driver to the printer 1500 which protecting the 
printing job against illegal printing by other 
printers than, a specified printer. 
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The printer* driver only has. to be informed of 
the seoret key of the printer management server 4000 
to obtain the printer information in a safe method 
without individually managing the address, capability 
5 or secret key of a target printer. That is, only the 
printer management server 4000 has to be 
appropriately maintained to easily and safely print 

•J 

printing data from any host computer. 
(Fifth Embodiment) 

10 * * The fifth embodiments of the print control 

apparatus, the printer, the printer management server, 
the print processing system, the print control method, 
the computer program,* and the computer-readable 
recording medium according to the present invention 

15 are described below. The configuration of the 

hardware of the print processing system according to 
the present embodiment is similar to the 
configurations of the above-mentioned fourth 
embodiments. Therefore, the same components as those 

20 in the fourth embodiments are assigned the same 

reference numerals shown in FIGS. 11 to 15, and the 
detailed explanation is omitted here* 

In the above-mentioned fourth embodiment, since 
a digital signature is added to the information 

25 coimnunicated at a printer information obtaining 

request of a printer driver, there is no possibility 
that data is falsified, but can be referred to by 
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anybody over a network. Therefore ^ the subsequent 
action can be tracked by the third party. 

Therefore, the present einbodxment shows an 
example of encrypting data returned by the printer 
5 management server 4000 to enhance the security of the 
information. 

The difference from the fourth embodiment is 
the communications between a printer management 
server and a printer driver, and the process of 
10 printing encrypted printing data on the printer side 
is the same as the process shown in FIG. 17. 

If a user performs a printing operation on an 
application, the printing data is passed by the 
application to the printer driver for the printing 
15 process. The printer driver transmits printer 
information search request data to the printer 
management server 4000. At this time, according to 
the present embodiment, the public key of the printer 
driver is also transmitted to redu.ce the information 
20 for server management. It is not required to 

transmit when the server manages the public key of 
the printer driver to be managed. 

The process of the printer management server 
4000 retrieving printer information and returning it 
25 to the printer driver is describe below in detail by 
referring to the process flow shown in FIG. 8. 

The printer management server 4000 retrieves an 
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appropriate printer from the printer information list 
managed by the server depending on the contents of 
the above-mentioned printer information search 
request data received from the printer driver (step S 
5 801) • The process of this step is the same as tine 
process in step S501 described above in reference to 
the fourth embodiment. 

Then, the printer management server 4000 
enorypts the retrieved printer information using the 
10 received public key of the printer driver (step S802) . 
Then, the printer management server 4000 computes the 
feature amount using a feature amount computation 
function from the original printer information (step 
S8 03)/ and encrypts the feature amount using the 
15 private key of the printer management server 40 OO 
(step S804) . 

The result obtained in step S804 is a digital 
signature. Finally, the encrypted printer 
information and the digital signature are returned to 
20 ttxe printer driver. 

The process of the printer driver transmitting 
the encrypted printing job to the printer is 
described below in detail by referring to the process 
flow shown in FIG. 19. 
25 The printer driver decrypts the printer 

information received from the printer management 
server 4000 using the private key of the printer 
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driver (step S901) ^ and obtains the printer 
information . 

The printer driver decrypts the digital 
signature received from the printer management server 
5 4000 using the public key of the printer rnanagement 
server 40 00, and obtains the feature amount of the 
printer information (S902) . The printer driver is 
assTimed to hold the public key of the printer 
management server 4000. 
10 Then, the printer driver computes the feature 

amount using the feature amount computation function 
from the obtained printer information (step S903) , 
compares it with the received feature amount (step 
S904), and confirms that the obtained printer 
15 inf ontiation has been transmitted from the desired 

printer management server 4000 and the printing data 
has not been falsified if the feature amounts match 
each other as a result of the comparison. 

Then, the printer driver retrieves a public key 
20 contained, in the printer information (step S905) , and 
encrypts the printing data received from the 
applicat±on using the retrieved public key (step 
S906) . Finally^ the encrypted printing data is 
transmitted as a printing job to the printer 1500. 
25 In the above-mentioned steps, the printer 

informat±on returned from the printer management 
server 4O00 can be accessed only by the printer 
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driver which has issued the request to the printer 
management server 4000, thereby successfully, 
enhancing the security. 

Since the printer driver transmits its own 
5 public key, it is not necessary for the printer 

management server 4000 to manage the corresponding 
printer driver • Since the public key is published, 
there is no problem of passing it to the printer- 
management server 4000. 
10 In this example of the present embodiment, 

printer- information is encrypted. However, means for 
transmitting the public key of the printer driver 
from the printer driver to the printer management 
server 4000, and returning the information encrypted 
15 using the public key to the printer driver can also 
be applied to other data* 

Therefore, when other data than the printer 
information is encrypted, the system of the printer 
management server 4000 which is free of management of 
20 the printer driver can be provided. 

In the above-mentioned example of the present 
embodiment, the secret key of the printer driver is 
used. However, an available secret key is not 
limited to the secret key of a printer driver, bxit 
25 the key of the host computer 3000 can be used, or the 
key of the current user can be used obviously. 

For example, when the secret key of the host 
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computer 3000 is used, the host computer 3000 can be 
used in a multi-user mode so that anybody on the host 
computer 3000 can print printing data on the printer 
1500 on the same condition. 
5 Furthermore, when the secret key of a user is 

used, the user can print printing data on the same 
condition from an in-house desktop personal computer 
(PC) or any notebook personal computer (PC) out in 
the field. 
10 (Sixth Embodiment) 

The sixth embodiments of the print control 
apparatus, the printer, the printer management server, 
the print processing system, the print control method, 
the computer program, and the computer-readable 
15 recording medium according to the present invention 
are described below. The configuration of the 
hardware of the print processing system according to 
the present embodiment is similar to the 
configurations of the above-mentioned fourth and 
20 fifth embodiments. Therefore, the same components as 
those in the fourth embodiments are assigned the same 
reference numerals shown in FIGS. 11 to 19, and the 
detailed, explanation is omitted here. 

In the fourth and fifth embodiments of the 
25 present invention, printing data cannot be printed on 
the printers other than a specified printer. 

However, if anybody hooks the original printing 
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data and transm±ts different data to a target printer 
by following the same steps as the fourth and fifth 
embodiments, the printer cannot determine whether or 
not the received printing data has been falsified. 
5 This problem can be solved by assigning a 

digital signature to printing data» However, to 
solve the problem, the public key of the target 
printer driver ±s to be recorded in the printer. 

Furthermore, the public key is to be recorded 
10 in all printers in the print processing system. If a 
target host computer is added, all printers have to 
be maintained correspondingly. Therefore, 
determining in this method whether or not printer 
driver has been falsified requires a laborious 
15 operation. 

Here, according to the present embodiment, 
printing data xs transmitted through the printer 
management server 4000 so that the printing data can 
be protected against falsification and the 
20 maintenance of the printer 1500 can be almost 
eliminated. 

The process of the printer driver transmitting 
printing data to the printer management server is 
described below in detail by referring to the process 
25 flow shown in FIG. 20. 

When a user performs a printing operation on an 
application, the application passes printing data to 
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the printer driver, thereby performing a printing 
process . 

To first determine the destination printer, the 
printer driver generates request data to the printer 
5 management server 4000, or designates a printer 

through interactive communications with the printer 
management server 4000 (SlOOl) , and generates a 
request to specify a printer to be transmitted to the 
printer management server 4000. 
10 ' Then, the pr±nter driver encrypts the printing 

data received from the application using the public 
key of the printer management server 4000 (step 
S1002) • Finally, ±t transmits the encrypted printing 
data and the printer designation request to the 
15 printer management server 4000. 

The process of the printer management server 
4000 transmitting the encrypted printer driver to the 
printer 150 0 is described below in detail by 
referring to the process flow shown in FIG. 21. 
20 In response to the printer designation request 

received from the printer driver, the printer 
management server 4000 selects an appropriate printer 
from the printer information list managed by the 
server, and retrieves the corresponding printer 
25 information (step SllOl) . Assume that the printer 

information contains the address, the public key, etc. 
of the printer. 
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Next^ the printer management server 4000 
decrypts the printing data received from the printer 
driver using the private key of the printer 
management server 4000 (step 31102)^ and obtains the 
5 printing data. After this step, the information 

equipment other than the printer management server 
4000 cannot tap the printing data- 

Then, the printer management server 4000 
. encrypts the obtained printing data using the pvilolic 
10 key of the printer contained in the printer 
information (step S1103) . 

The printer management server 4000 then 
computes the feature amount computation function from 
the obtained printing data (step S1104) , and encrypts 
15 the computed feature amount using the private key of 
the printer management server 4000 (step S1105) • The 
obtained result is a digital signature. 

Finally, the printer management server 400 O 
transfers a combination of the encrypted printing 
20 data and the digital signature as a printing job to 
the printer address contained in the printer 
information. 

The process of the printer 1500 obtaining the 
printing data from the received printing job is 
25 described below in detail by referring to the process 
flow shown in FIG. 22. 

The printer 1500 decrypts the printing data in 
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the printer 1500 (step S1201), and obtains the 
printing data. After this step^ information 
equipment other than a specified printer cannot tap 
5 the printing data. 

Then^ the printer 15 00 decrypts the digital 
signature in the received printing job using the 
public key of the printer management server 4000 of 
the source (step S1202), and obtains the feature 

10 amount of the printing data. 

The printer 1500 then computes the feature 
amount using the feature amount computation function 
from the obtained printing data (step S1203), 
compares the result with the received feature amount 

15 (step S1204), and confirms that the printing data 

obtained in step S1201 has not been falsified if the ' 
feature amounts match eacln other. 

Thus, according to the present embodiment;, the 
printing data can be not only protected against 

20 tapping, but also protected against the falsification. 
Furthermore, the public key of other 
information equipment to be held by each information 
equipment is only the public key of the printer 
management server 4 000 for the printer driver and the 

25 printer. The printer management server 4000 has to 
manage only the public key of the printer managed by 
the server. Therefore, although the configuration of 
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the print processing system is changed^ only the 
prxnter management server 4000 is to be maintained. 
(Other Elmbodiments of the Present Invention) 
The present invention also includes the 
5 eiabodiment of providing a program code of the 

software for realizing the function of the above- 
mentioned embodiments for the apparatuses connected 
to various devices or the computers in the system so 
that various devices can be operated, to realize the 
10 functions of the above-mentioned embodiments, and 
operating various devices according to the program 
stored in the computer (CPU or MPU) of the system or 
the apparatus . 

In this case, the program code of the above- 
15 mentioned software realizes the functions of the 
above-mentioned embodiments, and the program code 
itself, and the means for providing the program code 
for the computer, for example, the storage medium 
storing the program code configure the present 
20 invention. The recording medium storing such a 

program code can be, for example, a flexible disk, a 
hard disk, an optical disk, a magneto-optic disk, CD- 
ROM, a magnetic tape, a non-volatile memory card, ROM, 
etc . 

25 The embodiments of the present invention also 

include a program code not only when the functions of 
the above-mentioned embodiments are realized by the 
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computer executing the provided program code, but 
also whien the functions of the above-mentioned 
embodiments are realized in cooperation with the OS 
(operating system) operated in the computer or 
another" application software, etc. 

Furthermore, after the provided program code is 
stored in the memory of the function expanding board 
of a computer or the function expanding unit 
connected to the computer, a part or all of the 
actual process can be performed by the CPU provided 
in the function expanding board and the function 
expanding unit at an instruction of the program code, 
and the functions of the above-mentioned embodiments 
are realized by the process. It is obvious that this 
process can also be included in the present invention. 

As described above, according to the present 
invention, a printing job containing printing data is 
transmitted to a specified printer through a 
Goinmunications medium, and the specified printer is 
controlled to print the printing data* At this time, 
the printing data is encrypted in the encrypting 
method in which only the printer designated to print 
the printing job can perform decryption. Therefore, 
although the printing job containing printing data is 
tapped,- the printing data can be protected against 
illegal printing by any other printers and the tapped 
printing data can be protected against illegal use by 
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the third party. 

Furthermore, according to another feature of 
the present embodiment, the feature amount computed 
from the printing data can be encrypted to generate a 
5 digital signature, and the generated digital 

signature can be contained in the printing job and 
transmitted. Therefore, the source of the printing 
job can be designated and no falsification on the 
printing job can be guaranteed. As a result, 
10 although the printing data is printed through, the 
communications medium, tapping or falsification of 
the printing data, if occurs, can be detected.. Thus, 
erroneous printing can be prevented, and important 
printing data can be- safely printed. 
15 According to another feature of the present 

embodiment, the printers connected to a 
communications medixam can be collectively managed by 
a printer management server. Therefore, the print 
control apparatus and a printer have only to hold the 
20 public key of the printer management server, and the 
printer management server only has to hold the public 
key of the printer managed by the server, thereby 
considerably reducing the laborious operatioris 
required for maintenance in a large system including 
25 a plurality of print control apparatuses and a 
plurality of printers. 
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CLAIMS 

1. A print control apparatus which transmits 
a printing job including printing data to a specified 
5 image forming apparatias through a communications 

medium, and controls tlie printing data to be printed 
by the specified image forming apparatus, comprising: 

printing data encryption means for encrypting 
the printing data in a. specified encrypting method in 
10 printing the printing job; 

obtaining means for obtaining information about 
a destination for the image forming apparatus; and 

decryption means for decrypting information 
about the destination obtained by said obtaining 
15 means. 

2 . The print control apparatus according to 
claim 1, further comprising: 

feature amount computation means for computing 
20 a feature amount from the printing data; and 

printing job transmission means for including 
the feature amount computed by said feature amount 
computation means in t::he printing job and 
transmitting the featxare amount to the specified 
25 image forming apparatus through the communications 
medivm . 
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3. The print control apparatus according to 
claim 1, wherein 

the information about the destination obtained 
by said obtaining means is a port or a uniform 
5 resource identifier (URI) for printing. 

4. The print control apparatus according to 
claim 1, wherein 

said printing, data encryption means functions 
10 as public key encryption means for performing 

encryption based on a public key cryptosystem, and 
encrypts the printing data using a public key of the 
image forming apparatus specified for printing the 
printing data based on tbe public key cryptosystem. 

15 

5. The print control apparatus according to 
claim 1, further comprising: 

secret key generation means for generating a 
secret key commonly used loy the image forming 
20 apparatus specified for printing the printing data; 

secret key encryption means for encrypting the 
secret key generated by said secret key generation 
means ; and 

printing job transmission means for including 
25 the secret key encrypted loy said secret key 
encryption means in the printing job^ and 
transmitting the key to the communications medium. 
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wherein: 

said printing data encryption means functions 
as common key encryption means for performing 
encryption based on a conventional encryption system, 

5 and encrypts the printing data using the secret key 
generated by said secret key generation means based 
on the conventional encryption system; and 

said secret key encryption means functions as 
public key encryption means for perfoanning encrypt 

10 based on the public key cryptosystem, performs the 

encryption based on the public key cryptosystem, and 
encrypts the secret key using a public key of the 
image forming apparatus specified for printing the 
printing data. 

6. The print control apparatus according to 
claim 2r further comprising 

digital signature generation means for 
generating a digital signature by performing 
20 encryption based on a public key cryptosystem on the 
feature amount computed by said feature amount 
computation means and encrypting the feature amount 
using a private key of said digital signature 
generation means, wherein 
25 said printing job transmission means includes 

in the printing job the digital signature generated 
by said digital signature generation means instead of 
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the feature amount computed by said feature amount 
computation means, and transmits the printing job to 
the communications medium. 

5 7 . The print control apparatus according to 

claim 1, further comprising: 

image forming apparatus selection means for 
selecting an image forming apparatus for printing the 
printing data from the group oonsisting of a 
10 plurality of image forming apparatuses by issuing an 
inquiry to an image forming apparatus management 
server for managing information about the image 
forming apparatuses; and 

image forming apparatus information obtaining 
15 means for obtaining information about the image 

forming apparatus specified for printing the printing 
data from the image forming apparatus management 
server . 

20 8. The print control apparatus according to 

claim 1 , wherein: 

said image forming apparatus information 
obtaining means obtains an encryption key and an 
address of the image forming apparatus specified for 
25 printing the printing data from the image forming 
apparatus management server; and 

said printing data encryption means encrypts 
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the printing data using the -key of the image forming 
apparatus obtained by said image forming apparatus 
information obtaining means, and transmits the 
encxypted printing data directly to the address of 
5 the image forming apparatus obtained by said image 
forming apparatus information obta±ning means. 

9. The print control apparatus according to 
cla.±m 7/ wherein 
10 said printing data encryption means obtains an 

encryption key of the image forming apparatus 
marxagement server, encrypts the printing data, and 
tra.nsmits the encrypted printing data to the image 
forming apparatus management server. 

15 

10. The print control apparatus according to 
claim 7, wherein 

said image forming apparatus selection means 
seXects from the group consisting of a plurality of 

20 image forming apparatuses a corresponding image 

forrming apparatus by said image forming apparatus 
information obtaining means transmitting to the image 
forrming apparatus management server a necessary 
coradition for said image forming apparatus selection 

25 means selecting a corresponding image forming 

apparatus from the group consisting of a plurality of 
image forming apparatuses . 
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11. The print control apparatus according to 
claim 1 , wherein 

the image forming apparatus management server 
roughly selects corresponding image forming 
5 apparatuses from the group consisting of a plurality 
of image forming apparatuses by said image forming 
apparatus information obtaining means transmitting to 
the server a necessary condition for the image 
forming apparatus management server roughly selecting 

10 the corresponding image forming apparatuses from the 
group consisting of a plurality of image forming 
apparatuses, and the image forming apparatus 
management server which has roughly selected the 
corresponding image forming apparatuses from the 

15 group of the plurality of image forming apparatuses 
interactively communicates with said image forming 
apparatus selection means, thereby selecting the 
image forming apparatus for printing the printing 
data from the group of the plurality of image forming 

20 apparatuses* 

12. An image forming apparatus which prints 
encrypted printing data contained in a printing job 
rece±ved through a communications medium, comprising r 
25 printing data decryption means for decrypting 

the printing data in a predetermined decrypting 
method for the encrypted printing data; 
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feature amount obtaining means for obtaining a 
feature amount from the received printing job; 

feature amount computation means for computing 
a feature amount from the printing data decrypted by- 
said printing data decryption means; 

transfer means for encrypting and transferring 
information about a destination corresponding to an 
image forming apparatus; and 

printing data confirmation means for comparing 
the feature amount computed by said feature amount 
computation means with the feature amount obtained by 
said feature amount obtaining means ^ and confirming 
that the encrypted and received printing data has not 
been destroyed or falsified if a comparison result 
indicates matching feature amounts. 

13. The image forming apparatus according to 
claim 12, wherein 

said printing data decryption means functions 
2 0 as public key decryption means for performing 
decryption based on a public key cryptosystem, 
performs the decryption to decrypt the encrypted and 
received printing data using a private key of said 
printing data decryption means, and obtains the 
2 5 printing data. 

14. The image forming apparatus according to 
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claim 12, furthear comprising: 

secret key retrieval means for retrieving an 
encrypted secret key from the received printing job; 
and 

5 secret key obtaining means for performing 

decryption based on a public key cryptosystem on the 
encrypted secret key retrieved from said secret key 
retrieval means ^ decrypting the encrypted secret key 
using a private key of said secret key obtaining 
10 means, and obtaxning the secret key of the printing 
job/ wherein 

said print ±ng data decryption means functions 
as common key decryption means for performing 
decryption based on a conventional encryption system, 
15 applies the conventional encryption system to decrypt 
the encrypted printing data using the secret key, and 
obtains printing data • 

15 . The ±mage forming apparatus according to 
20 claim 12, further comprising 

digital signature retrieval means for 
retrieving a digital signature from the received 
.printing job, wherein: 

said featxare amount obtaining means obtains a 
25 feature amount t>y decrypting the digital signature 
retrieved by sa±d digital signature retrieval means 
based on a public key decrypting method using a 



wo 2004/013749 



PCT/JP2003/010016 



58 

public key of a source of the printing job; 

said printing data conf innation means compares 
the feature amount computed from the printing data 
decrypted by said prxnting data decryption means with 
5 the feature amount obtained by said feature amount 
obtaining means, confirms that the feature amounts 
match each other, thereby confirming that the source 
is a specified image forming apparatus driver and 
that the encrypted and received printing data has not 
10 been destroyed or falsified. 

16. An image forming apparatus management 
server which manages information about an image 
forming apparatus connected through a communications 
15 mediimi, comprising: 

information holding means for holding a list of 
infoirmation including a setting position, a 
capability, and an encryption key of each available 
image forming apparatus connected through the 
20 communications medium; 

image forming apparatus selection means for 
referring to the list of information held by said 
information holding means in response to an inquiry 
from a print control apparatus which controls 
25 printing of the image forming apparatus, and selects 
an appropriate image forming apparatus for printing 
data from the group consisting of a plurality of 
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image forming apparatuses; 

image forming apparatus infoimation obtaining 
means for obtaining in response to an inquiry from 
the print control apparatus an. encryption key and 
5 address information about the image forming apparatus 
selected by said image forming apparatus selection 
means; and 

image forming apparatus information 
transmission means for decrypt^ing the encrypted 
10 printing data received from thie print control 

apparatus using the key held Toy said information 
holding means, re-encrypting tihe decrypted printing 
data using the key of the image foiining apparatus 
obtained by said image forming apparatus inf oantiation 
15 obtaining means, and transmitting the re-encrypted 
printing data to the address obtained by said image 
forming apparatus information obtaining means. 

17 . A print control method for transmitting a 
20 printing job containing print ±ng data to a specified 
image forming apparatus through a communications 
medium to control the printing data to be printed by 
the specified image forming apparatus, comprising the 
step of 

25 performing printing data encryption process for 

encrypting the printing data in an encrypting method 
in which the image fomning apparatus specified for 
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printing the printing data can decrypt the data, 
obtaining information about a destination of the 
image forming apparatus, and decrypting the obtained 
information about the destination - 

5 

18. The print control method according to 
claim 17, further comprising a feature amount 
computing process of computing a feature amount from 
the printing data, and a printing job transmitting 
10 process of including the feature amount computed in 

said feature amount computing process in the printing 
job and transmitting the feature amount to the 
specified image forming apparatus through the 
communications medium, 

15 

19. The print control method according to 
claim 18, wherein 

said printing data encryption process performs 
a public key encrypting process which is encryption 
20 based on a public key cryptosystem us±ng a public key 
of the image forming apparatus specified for printing 
the printing data, and encrypts the printing data. 

20. The print control method according to 
25 claim 17, further comprising: 

a secret key generating process of generating a 
secret key commonly used by the image forming 
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apparatus specified for printing the printing data; 

a secret key encrypting process for encrypting 
the secret key generated in said secret key 
generating process; and 
5 a printing job transmitting process for 

including the secret key encrypted in said secret key 
encrypting process in the printing job, and 
transmitting the key to the communications medium, 
wherein: 

10 said printing data encryption process perfoonns 

a common key encrypting process which is encryption 
based on a conventional encryption system using the 
secret key generated in said secret key generating 
process, and encrypts the printing data; and 

15 said secret key encrypting process performs a 

public key encrypting process which is encryption 
based on a public key cryptosystem using a public key 
of the image forming apparatus specified for printing 
the printing data, and encrypts the secret .key. 

20 

21. The print control method acco riding to 
claim 18, further comprising 

a digital signature generating process of 
performing encryption based on a public key 
25 cryptosystem using a private key on the feature 
amount computed in said feature amount computing 
process and encrypting the feature amount, thereby 
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generating a digital signature wherein 

said printing job transmitting process includes 
in the printing job the digital signature generated 
in said digital signature generating process instead 
5 of the feature amount computed in said feature amount 
computing process, and transmits the printing job to 
the communications medium* 

22. The print control method according to 
claim 17, further comprising: 

an image f oirming apparatus . selecting process of 
selecting an image forming apparatus for printing the 
printing data from the group consisting of a 
plurality of image forming apparatuses by issuing an 
inquiry to an image forming apparatus management 
server for managing information about the image 
forming apparatuses; and 

an image forming apparatxas information 
obtaining process of obtaining information about the 
image forming apparatus specified for printing the 
printing data from the image forming apparatus 
management s e rve r . 

23. The print control method according to 
25 claim 23, wherein: 

said image forming apparatus information 
obtaining process obtains an encryption key and an 
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address of the image forming apparatus specified for 
printing the printing data from the image forming 
apparatus management server;- and 

said printing data encrypting process encrypts 
5 the printing data using the key of the image forming 
apparatus obtained by said image forming apparatus 
information obtaining process, and transmits the 
encrypted printing data directly to the address of 
the image forming apparatus obtained in said image 
10 forming apparatus infoanaation obtaining process. 

24. The print control method according to 
claim 22, wherein 

said printing data encrypting process obtains 
15 an encryption key of the image forming apparatus 

management server, encrypts the printing data, and 
transmits the encrypted printing data to the image 
forming apparatus management server. 

20 25. The print control method according to 

claim 22, wherein 

said image foanoing apparatus selecting process 
selects from the group consisting of a plurality of 
image forming apparatuses a corresponding image 

25 forming apparatus by said image forming apparatus 

information obtaining process of transmitting to the 
image forming apparatus management server a necessary 
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condxtion for said image forming apparatus selecting 
process of selecting a corresponding image forming 
appairratus from the group consisting of a plurality of 
image forming apparatuses • 

5 

26. The print control method according to 
claim 22/ wherein 

the image forming apparatus management server 
rouglily selects corresponding image forming 
10 apparatuses from the group consisting of a plurality 
of ±iuage forming apparatuses by said image forming 
apparatus information obtaining process of 
transmitting to the server a necessary condition for 
the image forming apparatus management server roughly 
15 selecting the corresponding image forming apparatuses 
from the group consisting of a plurality of image 
foinxiing apparatuses ^ and the image forming apparatus 
management server which has roughly selected the 
cor responding image forming apparatuses from the 
20 group of the plurality of image forming apparatuses 
interactively communicates with said image forming 
apparatus selecting process, thereby selecting the 
image forming apparatus for printing the printing 
data from the group of the plurality of image forming- 
2 5 apparatuses . 



27 . The print control method according to 
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claim 25/ further comprising: 

a feature amount obtaining process of obtaining 
a feature amount from the received printing job; 

a feature amount computing process of computing 
5 a feature amount from the printing data decrypted in 
said printing data, decrypting process; 

a transfer process of encrypting and 
transferring information about a destination 
corresponding to an image forming apparatus; and 
10 a printing data confirming process of comparing 

the f.eature amount computed in said feature amount 
computing process with the feature amount obtained by 
said feature amount obtaining process, and confirming 
that the encrypted and received printing data has not 
15 been destroyed or falsified if a comparison result 
indicates matching feature amounts . 

28. The print control method -according to 
claim 26, wherein 

20 said printing data decrypting process functions 

as a public key decrypting process for performing 
decryption based on a public key cryptosystem, 
performs the decryption to decrypt the encrypted and 
received printing data using a private key, and 

25 obtains the printing data. 

29. The print control method according to 
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claim 27, further comprising: 

a secret key retrieving process for retrieving 
an encrypted secret key from the received printing 
job; and. 

5 a secret key obtaining process of performing 

decryption based on a public key decrypting method on 
the encrypted secret key retrieved from said secret 
key retrieving process , decrypting the encrypted 
secret key using a private key of said private key 
10 obtaining process, and obtaining the secret key of 
the printing job, wherein 

said printing data decrypting process functions 
as a common key decrypting process of performing 
decryption based on a conventional encryption system, 
15 decrypts the encrypted printing data using the secret 
key, and. obtains printing data. 

30 . The print control method according to 

claim 27, further comprising 
20 a digital signature retrieving process of . 

retrieving a digital signature from the received 

printing job, wherein: 

said feature amount obtaining process obtains a 

feature amount by decrypting the digital signature 
25 retrieved in said digital signature retrieving 

process based on a public key decrypting method using 

a public key of a source of the printing job; 
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said printing data confirming process compares 
the feature amount computed from the printing data 
decrypted in said printing data decrypting process 
with the feature amount obtained in said feature 
5 amount obtaining process^ confirms that the feature 
amounts match each other, thereby confirming that the 
source is a specified image forming apparatus driver 
and that the encrypted and received printing data has 
not been destroyed or falsified. 

10 

31. A print control method comprising: 
an information holding process of holding a 
list of information including a setting position, a 
oapability, and an encryption key of each available 
15 xmage forming apparatus connected through the 
communications medium; 

a selecting process of referring to the list of 
±nfoimation held in said information holding process 
±n response to an inquiry from a print control 
20 apparatus which controls printing of the image 

forming apparatus, and selects an appropriate image 
forming apparatus for printing data from the group 
consisting of a plurality of image forming 
apparatuses ; 

25 an information obtaining process of obtaining 

in response to an inquiry from the print control 
apparatus an encryption key and address information 
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about the image foirruing apparatus selected in said 
image forming apparatus selecting process; and 

an image forming apparatus information 
transmitting process of decrypting the encrypted 
5 printing data received from the print control 

apparatus using the key held in said information 
holding process, re -encrypting the decrypted printing 
data using the key of the image forming apparatus 
obtained in said information obtaining process, and 
10 transmitting the re-encrypted printing data to the 
address obtained in said information obtaining 
process. 

32 . A computer-^readable storage medium storing 
15 a computer program to direct a computer to perform: 
a printing data encrypting process of 
encrypting the printing data in an encrypting method 
in which an image forming apparatus specified for 
printing the printing data can decrypt the data when 
20 a printing job containing printing data is 

transmitted to a specified image forming apparatus 
through a communications medium to control the 
printing data to be printed by the specified image 
forming apparatus; 
25 an obtaining process of indicating info3nnation 

about a destination for the image forming apparatus; 
and 
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a decrypting process of decrypting the obtained 
information about the destination. 

33, A print control apparatus which transitiits 
5 a printing job including printing data to a specified 
image forming apparatus through a communications 
medium^ and controls the printing data to be printed 
by the specified image forming apparatus, comprising: 
a printing data encryption unit, which encrypts 
10 the printing data in a specified encrypting method in 
printing the printing job; 

an obtaining unit, which obtains information 
about a destination for the image forming apparatus; 
and 

15 a decryption unit, which decrypts information 

about the destination obtained by said obtaining unit. 
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